diff --git a/nix/configuration-test.nix b/nix/configuration-test.nix index 4d5c2172..f3e44c52 100644 --- a/nix/configuration-test.nix +++ b/nix/configuration-test.nix @@ -46,6 +46,9 @@ in services.docspell-restserver = { enable = true; bind.address = "0.0.0.0"; + backend = { + addons.enabled = true; + }; integration-endpoint = { enabled = true; http-header = { @@ -60,8 +63,8 @@ in provider-id = "local"; client-id = "cid1"; client-secret = "csecret-1"; - authorize-url = "http:auth"; - token-url = "http:token"; + authorize-url = "http://auth"; + token-url = "http://token"; sign-key = "b64:uiaeuae"; }; } diff --git a/nix/module-joex.nix b/nix/module-joex.nix index 966252dc..d8e6d5fa 100644 --- a/nix/module-joex.nix +++ b/nix/module-joex.nix @@ -19,6 +19,12 @@ let logging = { minimum-level = "Info"; format = "Fancy"; + levels = { + "docspell" = "Info"; + "org.flywaydb" = "Info"; + "binny" = "Info"; + "org.http4s" = "Info"; + }; }; mail-debug = false; jdbc = { @@ -240,6 +246,29 @@ Docpell Update Check index-all-chunk = 10; }; }; + addons = { + working-dir = "/tmp/docspell-addons-work"; + cache-dir = "/tmp/docspell-addons-cache"; + executor-config = { + runner = "nix-flake,docker,trivial"; + nspawn = { + enabled = false; + sudo-binary = "sudo"; + nspawn-binary = "systemd-nspawn"; + container-wait = "100 millis"; + }; + fail-fast = true; + run-timeout = "15 minutes"; + nix-runner = { + nix-binary = "${pkgs.nix}/bin/nix"; + build-timeout = "15 minutes"; + }; + docker-runner = { + docker-binary = "${pkgs.docker}/bin/docker"; + build-timeout = "15 minutes"; + }; + }; + }; }; in { @@ -320,6 +349,11 @@ in { default = defaults.logging.format; description = "The log format. One of: Fancy, Plain, Json or Logfmt"; }; + levels = mkOption { + type = types.attrs; + default = defaults.logging.levels; + description = "Set of logger and their levels"; + }; }; }); default = defaults.logging; @@ -1527,6 +1561,111 @@ in { default = defaults.full-text-search; description = "Configuration for full-text search."; }; + addons = mkOption { + type = types.submodule({ + options = { + working-dir = mkOption { + type = types.str; + default = defaults.addons.working-dir; + description = "Working directory"; + }; + cache-dir = mkOption { + type = types.str; + default = defaults.addons.cache-dir; + description = "Cache directory"; + }; + executor-config = mkOption { + type = types.submodule({ + options = { + runner = mkOption { + type = types.str; + default = defaults.addons.executor-config.runner; + description = "The supported runners by this joex"; + }; + fail-fast = mkOption { + type = types.bool; + default = defaults.addons.executor-config.fail-fast; + description = ""; + }; + run-timeout = mkOption { + type = types.str; + default = defaults.addons.executor-config.run-timeout; + description = ""; + }; + nspawn = mkOption { + type = types.submodule({ + options = { + enabled = mkOption { + type = types.bool; + default = defaults.addons.nspawn.enabled; + description = "Enable to use systemd-nspawn"; + }; + sudo-binary = mkOption { + type = types.str; + default = defaults.addons.executor-config.nspawn.sudo-binary; + description = ""; + }; + nspawn-binary = mkOption { + type = types.str; + default = defaults.addons.executor-config.nspawn.nspawn-binary; + description = ""; + }; + container-wait = mkOption { + type = types.str; + default = defaults.addons.executor-config.nspawn.container-wait; + description = ""; + }; + }; + }); + default = defaults.addons.executor-config.nspawn; + description = ""; + }; + nix-runner = mkOption { + type = types.submodule({ + options = { + nix-binary = mkOption { + type = types.str; + default = defaults.addons.executor-config.nix-runner.nix-binary; + description = ""; + }; + build-timeout = mkOption { + type = types.str; + default = defaults.addons.executor-config.nix-runner.build-timeout; + description = ""; + }; + }; + }); + default = defaults.addons.executor-config.nix-runner; + description = ""; + }; + docker-runner = mkOption { + type = types.submodule({ + options = { + docker-binary = mkOption { + type = types.str; + default = defaults.addons.executor-config.docker-runner.docker-binary; + description = ""; + }; + build-timeout = mkOption { + type = types.str; + default = defaults.addons.executor-config.docker-runner.build-timeout; + description = ""; + }; + }; + }); + default = defaults.addons.executor-config.docker-runner; + description = ""; + }; + }; + }); + default = defaults.addons.executor-config; + description = ""; + }; + }; + }); + default = defaults.addons; + description = "Addon executor config"; + }; }; }; diff --git a/nix/module-server.nix b/nix/module-server.nix index 6f5ab783..16748173 100644 --- a/nix/module-server.nix +++ b/nix/module-server.nix @@ -29,6 +29,12 @@ let logging = { minimum-level = "Info"; format = "Fancy"; + levels = { + "docspell" = "Info"; + "org.flywaydb" = "Info"; + "binny" = "Info"; + "org.http4s" = "Info"; + }; }; integration-endpoint = { enabled = false; @@ -97,7 +103,7 @@ let scope = "profile"; authorize-url = null; token-url = null; - user-url = ""; + user-url = null; sign-key = ""; sig-algo = "RS256"; }; @@ -120,6 +126,12 @@ let chunk-size = 524288; valid-mime-types = []; }; + addons = { + enabled = false; + allow-impure = true; + allowed-urls = ["*"]; + denied-urls = []; + }; }; }; in { @@ -272,6 +284,11 @@ in { default = defaults.logging.format; description = "The log format. One of: Fancy, Plain, Json or Logfmt"; }; + levels = mkOption { + type = types.attrs; + default = defaults.logging.levels; + description = "Set of logger and their levels"; + }; }; }); default = defaults.logging; @@ -401,7 +418,7 @@ in { description = "The URL used to retrieve the token."; }; user-url = mkOption { - type = types.str; + type = types.nullOr types.str; default = defaults.openid.provider.user-url; description = "The URL to the user-info endpoint."; }; @@ -788,13 +805,39 @@ in { default = defaults.backend.files; description= "Settings for how files are stored."; }; + addons = mkOption { + type = types.submodule({ + options = { + enabled = mkOption { + type = types.bool; + default = defaults.backend.addons.enabled; + description = "Enable this feature"; + }; + allow-impure = mkOption { + type = types.bool; + default = defaults.backend.addons.allow-impure; + description = "Allow impure addons"; + }; + allowed-urls = mkOption { + type = types.listOf types.str; + default = defaults.backend.addons.allowed-urls; + description = "Url patterns of addons to be allowed"; + }; + denied-urls = mkOption { + type = types.listOf types.str; + default = defaults.backend.addons.denied-urls; + description = "Url patterns to deny to install"; + }; + }; + }); + default = defaults.backend.addons; + description = "Addon config"; + }; }; }); default = defaults.backend; description = "Configuration for the backend"; }; - - }; };